The past two years have been nothing but eventful when it comes to privacy news. Covid-19 provided companies with exciting new ways to track personal data – all for the greater good of course. Technology has come on leaps and bounds, with facial recognition technology almost old news, and Amazon selling roaming robot cameras to monitor the visitors to our homes.
But who has raised the bar on responsibility. And who has pushed privacy to one side as they pursue profits? Presenting the Privacy Compliance Hub’s inaugural heroes and villains awards…
Biggest cock up
So you want to run some staff training around cybersecurity – very sensible. Just make sure you don’t take a leaf out of West Midlands Trains’ book. The company sent 2,500 employees a message from the managing director promising a bonus to thank them for their hard work during the pandemic. The problem was it turned out to be a company-designed phishing simulation test.
Worst excuse of the year
Everybody’s favourite facial recognition technology company Clearview AI has been in the news a lot over the past year. But after being fined more than £7.5m by the UK’s privacy watchdog – the fourth country to take enforcement action against the firm – Clearview’s chief executive Hoan Ton-That had this to say: “I am deeply disappointed that the UK Information Commissioner has misinterpreted my technology and intentions”. That clears that up then.
Biggest fine of the year
The UK regulator isn’t the only one handing out fines. Luxembourg’s data protection authority fined Amazon €746m (or £636m) in 2021 for lack of a lawful basis for collecting and processing personal data for the purposes of targeted advertising. The ensuing fine was 15 times bigger than the previous GDPR record, although Amazon has indicated it will challenge the ruling.